Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/gKaFPe0FjzNvzi4txO6pNImWv0E.roa
File:                     gKaFPe0FjzNvzi4txO6pNImWv0E.roa (raw, json)
Hash identifier:          GGDBqj/zj3A7Dx47H9yXpnDauuMyhcvA2aB8jotT6MU=
Subject key identifier:   80:A6:85:3D:ED:05:8F:33:6F:CE:2E:2D:C4:EE:A9:34:89:96:BF:41
Certificate issuer:       /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial:       018ACD17B4249B02B5783231B6D3EB16FDBB
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/gKaFPe0FjzNvzi4txO6pNImWv0E.roa
Signing time:             Mon 25 Sep 2023 16:06:37 +0000
ROA not before:           Mon 25 Sep 2023 16:06:37 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     51765
IP address blocks:        77.90.187.0/24 maxlen: 24
                          213.209.132.0/24 maxlen: 24
                          213.209.143.0/24 maxlen: 24
                          213.209.148.0/24 maxlen: 24
                          77.90.176.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 24 Oct 2023 11:17:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:cd:17:b4:24:9b:02:b5:78:32:31:b6:d3:eb:16:fd:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
        Validity
            Not Before: Sep 25 16:06:37 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=80a6853ded058f336fce2e2dc4eea9348996bf41
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:b5:7b:c9:f2:31:e7:d9:36:f1:b0:81:e4:39:
                    72:a9:c2:94:80:87:49:6c:09:5f:ff:77:f2:5e:3f:
                    3a:95:26:9a:6b:5a:28:7b:d7:84:d9:53:09:07:aa:
                    7b:a5:76:0f:74:5a:5f:56:ad:11:eb:89:34:87:7b:
                    3f:89:b4:ad:9b:a9:b9:39:04:be:4f:ff:39:b9:1f:
                    9a:97:61:25:1c:70:0f:5a:77:91:44:1d:92:47:34:
                    35:fd:65:1f:e0:a9:65:7d:f0:62:69:10:85:b4:11:
                    23:71:30:60:65:dc:a1:e7:00:46:32:33:3f:53:3c:
                    fa:b1:a1:67:41:6f:9c:96:13:e2:cf:30:f7:db:6a:
                    9b:ca:5e:47:b4:59:8a:13:92:d9:84:29:8d:e3:26:
                    35:5d:c1:c0:01:83:b6:ca:c9:6e:92:3c:bd:fb:52:
                    b4:ba:30:ea:06:ff:4d:e1:50:af:6a:d9:82:0d:fd:
                    34:e3:4d:58:a5:1d:20:45:87:c6:87:d4:99:1d:f7:
                    ff:95:de:c8:5f:6b:b9:ac:49:97:ae:af:67:3a:7f:
                    b0:95:f7:9f:ff:ca:02:e9:16:70:f3:21:94:f3:fd:
                    75:0f:e7:a9:c8:3e:7b:87:d3:27:5d:d2:65:4b:b0:
                    39:03:e6:ca:1b:3d:ff:6c:5a:1e:79:3c:4e:ae:c4:
                    06:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:A6:85:3D:ED:05:8F:33:6F:CE:2E:2D:C4:EE:A9:34:89:96:BF:41
            X509v3 Authority Key Identifier:
                keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/gKaFPe0FjzNvzi4txO6pNImWv0E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.90.176.0/24
                  77.90.187.0/24
                  213.209.132.0/24
                  213.209.143.0/24
                  213.209.148.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6e:ca:14:f5:84:61:ee:93:90:05:eb:dc:81:ff:96:22:79:40:
         0d:7c:55:86:ea:4a:fc:16:23:b1:00:5b:ee:3a:59:95:ae:38:
         52:a1:97:5e:8e:47:d8:92:2f:ef:4c:28:72:4b:e4:1e:66:b6:
         58:dc:6e:12:1a:81:2e:5d:74:4b:20:ad:f5:4b:51:1d:b5:fd:
         a8:9c:58:b5:88:34:dd:08:4d:ba:dc:99:dc:6d:bf:c1:a1:28:
         46:82:71:35:d6:76:5c:67:64:d2:8c:51:79:f1:cf:ac:63:59:
         ca:b5:c4:07:79:96:bc:27:a3:9d:77:bc:e2:76:56:5e:d8:60:
         a9:76:9d:f9:a3:3b:7c:0a:40:e8:da:f5:a5:47:bd:42:a4:12:
         18:d0:1f:1a:02:0d:6f:87:10:91:7c:9f:e6:41:f3:ac:53:fb:
         5f:cd:10:bd:d5:c5:2a:df:7c:f8:b2:0c:27:4a:b7:38:c5:c7:
         63:d3:d7:5b:14:14:67:91:60:7d:b1:ff:3a:2f:8e:49:f8:ba:
         b4:a5:1d:10:94:5f:1f:35:9e:59:62:04:9c:66:23:27:cb:07:
         ae:e1:ff:5a:cd:c0:03:8d:b2:b1:c6:63:8f:f8:ed:99:06:c1:
         57:89:a6:01:22:86:eb:ab:e4:c4:17:57:52:b4:13:81:1a:b7:
         95:38:d6:41
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYrNF7QkmwK1eDIxttPrFv27MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMwOTI1MTYwNjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGE2ODUzZGVkMDU4ZjMzNmZjZTJlMmRjNGVlYTkzNDg5OTZiZjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk7V7yfIx59k28bCB5DlyqcKUgIdJ
bAlf/3fyXj86lSaaa1ooe9eE2VMJB6p7pXYPdFpfVq0R64k0h3s/ibStm6m5OQS+
T/85uR+al2ElHHAPWneRRB2SRzQ1/WUf4KllffBiaRCFtBEjcTBgZdyh5wBGMjM/
Uzz6saFnQW+clhPizzD322qbyl5HtFmKE5LZhCmN4yY1XcHAAYO2yslukjy9+1K0
ujDqBv9N4VCvatmCDf00401YpR0gRYfGh9SZHff/ld7IX2u5rEmXrq9nOn+wlfef
/8oC6RZw8yGU8/11D+epyD57h9MnXdJlS7A5A+bKGz3/bFoeeTxOrsQGaQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFICmhT3tBY8zb84uLcTuqTSJlr9BMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvZ0thRlBlMEZqek52emk0dHhPNnBOSW1XdjBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQATVqwAwQA
TVq7AwQA1dGEAwQA1dGPAwQA1dGUMA0GCSqGSIb3DQEBCwUAA4IBAQBuyhT1hGHu
k5AF69yB/5YieUANfFWG6kr8FiOxAFvuOlmVrjhSoZdejkfYki/vTChyS+QeZrZY
3G4SGoEuXXRLIK31S1Edtf2onFi1iDTdCE263Jncbb/BoShGgnE11nZcZ2TSjFF5
8c+sY1nKtcQHeZa8J6Odd7zidlZe2GCpdp35ozt8CkDo2vWlR71CpBIY0B8aAg1v
hxCRfJ/mQfOsU/tfzRC91cUq33z4sgwnSrc4xcdj09dbFBRnkWB9sf86L45J+Lq0
pR0QlF8fNZ5ZYgScZiMnyweu4f9azcADjbKxxmOP+O2ZBsFXiaYBIobrq+TEF1dS
tBOBGreVONZB
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:25 2024 by rpki-client on console-ams.rpki-client.org